"Yankee Group expects Vista to significantly shrink the aftermarket for antispyware and desktop firewalls," analyst Andrew Jaquith wrote in the report. Additionally, Microsoft's first new operating system release in five years may reduce the need for disk encryption, device control and certain types of host intrusion-prevention software, Jaquith wrote.

But Vista won't have any effect on the antivirus software space, which at $2.6 billion is the largest market for Windows desktop security software, according to Yankee Group. Vista does not include antivirus functionality; Microsoft plans to sell its Windows Live OneCare antivirus software separately starting next month.

The impact on the aftermarket depends on Vista's features. Windows Defender, Vista's spyware protection, as well as the improved Windows Firewall are fine for the majority of users, Jaquith believes. However, the BitLocker disk encryption feature and tools to manage devices such as USB keys will work only for some, he said in an interview.

Small organizations may find Microsoft's disk encryption and device management good enough out of the box, but large enterprises will need more management features, leaving room for third parties, Jaquith said. "Companies that can focus on manageability and scalability, even if those products overlap with Vista, will continue to do well."

But while the changes in Vista should reduce the risk for most users, the security features mean upgrading won't be easy, Jaquith cautioned. "Vista will dramatically improve the security for Windows users, but they have some execution and usability challenges," he said. "It is clear as day that Vista is going to really annoy users."

The annoyance would come from features such as User Account Control, which is to be enabled by default and lets users run Windows with fewer privileges. The intent is to thwart malicious software from gaining a foothold on Windows PCs. "Although the new security system shows promise, it is far too chatty and annoying," Jaquith wrote.

As a result, Yankee Group recommends business users who don't want to be on the bleeding edge to steer clear of Vista until 2008 and continue to use Windows XP with Service Pack 2 until then. "As a hedging strategy, enterprises upgrading their hardware should also take a look Apple's dual boot Intel Macintoshes," Jaquith wrote.